From owner-freebsd-questions@FreeBSD.ORG  Tue Jun  7 22:17:32 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6910E16A442
	for <freebsd-questions@freebsd.org>;
	Tue,  7 Jun 2005 22:17:32 +0000 (GMT)
	(envelope-from keramida@ceid.upatras.gr)
Received: from nic.ach.sch.gr (nic.sch.gr [194.63.238.4])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 67D0943D53
	for <freebsd-questions@freebsd.org>;
	Tue,  7 Jun 2005 22:17:30 +0000 (GMT)
	(envelope-from keramida@ceid.upatras.gr)
Received: (qmail 3954 invoked by uid 207); 7 Jun 2005 22:17:29 -0000
Received: from keramida@ceid.upatras.gr by nic by uid 201 with
	qmail-scanner-1.21 
	(sophie: 3.04/2.19/3.81.  Clear:RC:1(81.186.70.151):. 
	Processed in 1.541096 secs); 07 Jun 2005 22:17:29 -0000
Received: from dialup151.ach.sch.gr (HELO gothmog.gr) ([81.186.70.151])
	(envelope-sender <keramida@ceid.upatras.gr>)
	by nic.sch.gr (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP
	for <fbsd_user@a1poweruser.com>; 7 Jun 2005 22:17:27 -0000
Received: from gothmog.gr (gothmog [127.0.0.1])
	by gothmog.gr (8.13.3/8.13.3) with ESMTP id j57H0ZM0002220;
	Tue, 7 Jun 2005 20:00:35 +0300 (EEST)
	(envelope-from keramida@ceid.upatras.gr)
Received: (from giorgos@localhost)
	by gothmog.gr (8.13.3/8.13.3/Submit) id j57H0ZmC002219;
	Tue, 7 Jun 2005 20:00:35 +0300 (EEST)
	(envelope-from keramida@ceid.upatras.gr)
Date: Tue, 7 Jun 2005 20:00:35 +0300
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: fbsd_user <fbsd_user@a1poweruser.com>
Message-ID: <20050607170034.GB1811@gothmog.gr>
References: <MIEPLLIBMLEEABPDBIEGMEFPHGAA.fbsd_user@a1poweruser.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <MIEPLLIBMLEEABPDBIEGMEFPHGAA.fbsd_user@a1poweruser.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: OpenBSD PF  set skip on rule not working
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jun 2005 22:17:32 -0000

On 2005-06-07 11:08, fbsd_user <fbsd_user@a1poweruser.com> wrote:
> I have this rule in my PF rules file. When I load the rules I get
> syntax error on the rule.

> set skip on lo0             # No restrictions on Loopback Interface
>
> The OpenBSD PF manual says this is good syntax.

The syntax is fine.  You just used it at the wrong place.

The pf.conf(5) manpage describes the proper order for pf.conf
sections when the require-order option is enabled.

> Does any FreeBSD PF users use this and does it work???

I do.  Yes, it works.

> Also is there some command to display the bad syntax line along
> with the error message?

It does on CURRENT.  I'm not sure if is a CURRENT-specific feature,
but here I see (by deliberately breaking the syntax of the skip
line for lo0):

% gothmog:/root# pfctl -f /etc/pf.conf
% /etc/pf.conf:17: syntax error
% pfctl: Syntax error in config file: pf rules not loaded
% gothmog:/root# cat -n /etc/pf.conf | head -17 | tail -1
%     17  set skip lo0
% gothmog:/root#